Several of the most commonly used COVID-19 mobile apps were revealed to pose a privacy risk for all of its users. An independent investigation has revealed the shocking truths about these unsecured apps even with the CDC apps.
According to the probe that was conducted by nonother than the International Digital Accountability Council or IDAC over the previous two months, there were actually some instances in which these apps did not really follow the best practices when it came to privacy or it did not properly protect its users from the underlying potential risks.
According to the statement of Quentin Palfrey, the president of the IDAC, if the responsible steps to actually rein in the pandemic suddenly reopen the country's devastated economy that requires the much-needed change when it comes to how much information people should be open about their health, movements, and other data, the public should in fact be able to trust that their own data will be handled quite responsibly.
The IDAC even reviewed 108 different global COVID-19 mobile apps that spread across 41 different countries in order to understand whether the consumers' personal data was actually being used with much responsibility or not.
In order to thoroughly conduct the review, they also analyzed how the apps were collecting personal data, what type of data was collected by these apps, and what other third parties are able to have access to the data from these apps.
According to Palfrey, smartphone apps usually offer certain promising tools for data collection with regards to users' contacts along with sharing that type of information with the public health officials.
Palfrey noted that the analysis indeed showed that there were many of these tools that employ very good privacy and also security measures, but that a portion of these apps did not actually follow the best practices that are related to transparency, security, and even data-sharing with the third parties.
Key findings of the investigation
Out of the 23 different contact-tracing apps, there were only less than 20 percent that actually mentioned or informed the users if their own personal data was being anonymized. Also, there were about half of the contact tracing apps that requested certain potentially "intrusive" permissions.
The majority of these symptom-checker apps actually analyzed were not really transparent about their certain third-party sharing practices meaning data could potentially be shared to certain third parties with the subject unaware.
Six different apps, including the CDC or Centers for Disease Control and Prevention's official app that was developed by the US government, were also observed and found to be sending insecure transmissions that resulted to leaving users open to a wide array of certain malicious cyber attacks. The debate is still ongoing as to whether or not require these apps in the battle against COVID-19 or not.